Mezb 0 Posted May 13 Share Posted May 13 Today I entered https://premioibest.com/o-premio/ to see about an award voting and for my surprise my nod32 AV is reporting JS/Agent.QPA trojan on this page every time I refresh. It didn't look a real threat. If it is, I'd like to know from which script of the page is it coming to block it on my uMatrix extension. The language of the site is Brazilian Portuguese. https://premioibest.com/o-premio/ Thanks in advance. Link to comment Share on other sites More sharing options...
Administrators Solution Marcos 5,407 Posted May 13 Administrators Solution Share Posted May 13 The detection is correct. The website was compromised and contains the JS malware detected by ESET: https://sitecheck.sucuri.net/results/https/premioibest.com/o-premio/ Link to comment Share on other sites More sharing options...
Mezb 0 Posted May 13 Author Share Posted May 13 (edited) OK, thank you. So adding premioibest.com##^script:has-text(eu-central) to ublock my filters list solved the problem. Edited May 13 by Mezb Link to comment Share on other sites More sharing options...
Recommended Posts